[tbb-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Feb 22 20:44:54 UTC 2016 

#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
 Reporter:  ioerror                       |          Owner:  tbb-team
     Type:  enhancement                   |         Status:  new
 Priority:  High                          |      Milestone:
Component:  Tor Browser                   |        Version:
 Severity:  Critical                      |     Resolution:
 Keywords:  security, privacy, anonymity  |  Actual Points:
Parent ID:                                |         Points:
  Sponsor:                                |
------------------------------------------+--------------------------

Comment (by lhi):

 Replying to [comment:66 toruser2016]:
 >
 > Never attribute to malice that which is adequately explained by
 stupidity
 >

 Reading their comments here, I have come to understand that some of them
 really don't care.

 I view the CAPTCHAs as a reminder that something is very amiss in the web.
 No amount of PR or whitewashing can quell my strong reservations about
 some company being in a position to MITM large swathes of the web. This is
 a bad situation, and I appreciate being reminded of it nearly every time I
 browse the web.

 This nonwithstanding, thanks jgrahamc for finally agreeing to provide the
 simple option for their data sources, I mean "free customers", to
 whitelist Tor, and investigating long-standing problems with the CAPTCHAs.

 The ZK "human bit" proof discussion is no good. No good at all. Increasing
 attack surface by weighing down client software with functionality that
 serves no discernible purpose for the user - just artificial complications
 to reduce accessibility and serve the crazy whims of some self-important
 company - is a horrible idea.

 I hope no Tor developers will provide free labor (as cypherpunks lucidly
 characterized the idea) to build contorted and expensive solutions to
 someone else's perceived needs.

 As people have already correctly stated, all requests are negotiated by
 bots, not humans. It is no one's busness whether some person attends the
 process. Attempting to ascertain this in some way or other is
 surveillance-think. What if I want to retrieve some page via cron job, for
 example. Not "legitimate"?

 I have, by the way, always found it a demeaning and insulting attitude
 towards humans that we are being asked by rooms full of servers (which
 handle enormous amounts of requests and should be able handle the few
 extra ones coming from Tor exits without breaking an electronic sweat,
 honestly) to solve puzzles. I am very angry about this attitude btw
 because my time is infinitely more valuable than your servers'.

 Btw trac.torproject.org made me solve google CAPTCHAs, some of which
 didn't work. Way to go ...

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:68>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list